updated postgresql state
This commit is contained in:
parent
324519ff2e
commit
8d8f5da98b
20
states/postgresql/config.sls
Normal file
20
states/postgresql/config.sls
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
---
|
||||||
|
{%- from "postgresql/map.jinja" import postgresql with context %}
|
||||||
|
postgresql-config-main:
|
||||||
|
file.keyvalue:
|
||||||
|
- name: {{ postgresql.configpath }}/postgresql.conf
|
||||||
|
- key_values: {{ postgresql.config.main }}
|
||||||
|
- separator: ' = '
|
||||||
|
- uncomment: '# '
|
||||||
|
- key_ignore_case: True
|
||||||
|
- append_if_not_found: True
|
||||||
|
- watch_in:
|
||||||
|
- service: postgresql-service
|
||||||
|
|
||||||
|
postgresql-config-hba:
|
||||||
|
file.managed:
|
||||||
|
- name: {{ postgresql.configpath }}/pg_hba.conf
|
||||||
|
- source: salt://postgresql/templates/pg_hba.conf.j2
|
||||||
|
- template: jinja
|
||||||
|
- watch_in:
|
||||||
|
- service: postgresql-service
|
||||||
@ -7,9 +7,10 @@ postgresql-database-{{ database.name }}:
|
|||||||
- owner: {{ database.user }}
|
- owner: {{ database.user }}
|
||||||
- db_user: postgres
|
- db_user: postgres
|
||||||
- template: template0
|
- template: template0
|
||||||
- encoding: {{ database.encoding }}
|
- encoding: {{ database.encoding|default("UTF8") }}
|
||||||
- lc_collate: {{ database.collate|default("en_US.UTF-8") }}
|
- lc_collate: {{ database.collate|default("en_US.UTF-8") }}
|
||||||
- lc_ctype: {{ database.ctype|default("en_US.UTF-8") }}
|
- lc_ctype: {{ database.ctype|default("en_US.UTF-8") }}
|
||||||
|
- db_port: {{ postgresql.config.main.port|default(5432) }}
|
||||||
- require:
|
- require:
|
||||||
- postgres_user: postgresql-user-{{ database.user }}
|
- postgres_user: postgresql-user-{{ database.user }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|||||||
@ -11,4 +11,10 @@ postgresql:
|
|||||||
databases:
|
databases:
|
||||||
- name: postgres
|
- name: postgres
|
||||||
user: postgres
|
user: postgres
|
||||||
|
configpath: /etc/postgresql/13/main
|
||||||
|
config:
|
||||||
|
main:
|
||||||
|
listen_addresses: "'*'"
|
||||||
|
port: 5433
|
||||||
|
max_connections: 100
|
||||||
users: []
|
users: []
|
||||||
|
|||||||
@ -1,6 +1,7 @@
|
|||||||
---
|
---
|
||||||
include:
|
include:
|
||||||
- .install
|
- .install
|
||||||
|
- .config
|
||||||
- .service
|
- .service
|
||||||
- .users
|
- .users
|
||||||
- .databases
|
- .databases
|
||||||
|
|||||||
@ -3,3 +3,5 @@
|
|||||||
{%- set defaults = salt['grains.filter_by'](default_settings, default='postgresql') -%}
|
{%- set defaults = salt['grains.filter_by'](default_settings, default='postgresql') -%}
|
||||||
|
|
||||||
{%- set postgresql = salt['pillar.get']('postgresql', default=defaults, merge=True) -%}
|
{%- set postgresql = salt['pillar.get']('postgresql', default=defaults, merge=True) -%}
|
||||||
|
|
||||||
|
{%- set net = salt['pillar.get']('net') -%}
|
||||||
36
states/postgresql/templates/pg_hba.conf.j2
Normal file
36
states/postgresql/templates/pg_hba.conf.j2
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
## {{ salt['pillar.get']('salt_managed', default='Salt Managed') }}
|
||||||
|
{%- from "postgresql/map.jinja" import net with context %}
|
||||||
|
|
||||||
|
### Replication via repmgr
|
||||||
|
local replication repmgr trust
|
||||||
|
{%- for key, value in net.ipv4_networks.items() %}
|
||||||
|
host replication repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }}
|
||||||
|
{%- endfor %}
|
||||||
|
{%- for key, value in net.ipv6_networks.items() %}
|
||||||
|
host replication repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }}
|
||||||
|
{%- endfor %}
|
||||||
|
|
||||||
|
local repmgr repmgr trust
|
||||||
|
{%- for key, value in net.ipv4_networks.items() %}
|
||||||
|
host repmgr repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }}
|
||||||
|
{%- endfor %}
|
||||||
|
{%- for key, value in net.ipv6_networks.items() %}
|
||||||
|
host repmgr repmgr {{ value.ip }}/{{ value.mask }} trust # {{ key }}
|
||||||
|
{%- endfor %}
|
||||||
|
|
||||||
|
### Basic auth for users
|
||||||
|
{%- for key, value in net.ipv4_networks.items() %}
|
||||||
|
host all all {{ value.ip }}/{{ value.mask }} md5 # {{ key }}
|
||||||
|
{%- endfor %}
|
||||||
|
{%- for key, value in net.ipv6_networks.items() %}
|
||||||
|
host all all {{ value.ip }}/{{ value.mask }} md5 # {{ key }}
|
||||||
|
{%- endfor %}
|
||||||
|
|
||||||
|
|
||||||
|
local all postgres peer
|
||||||
|
local all all peer
|
||||||
|
host all all 127.0.0.1/32 md5
|
||||||
|
host all all ::1/128 md5
|
||||||
|
local replication all peer
|
||||||
|
host replication all 127.0.0.1/32 md5
|
||||||
|
host replication all ::1/128 md5
|
||||||
@ -9,5 +9,5 @@ postgresql-user-{{ user.name }}:
|
|||||||
{%- endif %}
|
{%- endif %}
|
||||||
- login: {{ user.login|default(true) }}
|
- login: {{ user.login|default(true) }}
|
||||||
- superuser: {{ user.superuser|default(false) }}
|
- superuser: {{ user.superuser|default(false) }}
|
||||||
- db_user: postgres
|
- db_port: {{ postgresql.config.main.port|default(5432) }}
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user